Yours Truly

Cut and Thrust (comments)

I'm my own ombudsman

Comments & criticism are welcome.
Please feel free to suggest story ideas, corrections, etc. If you want to e-mail, spam or scam me, my address is on the Facebook badge lower down this page.
Photos I use and credit are from named Flickr users who gave them a Creative Commons Licence, unless otherwise specified.
All uncredited photos & films are mine and free to use, Woody Guthrie style.

About "The Oracle of Amsterdam"

I'm just this guy, you know? Any opinions I accidentally express on this site are not those of my employer.
Old friends (or foes, for the nostalgia) from Palo Alto, Swarthmore, Rome, Philadelphia, Paris, Berkeley or Amsterdam feel free to drop me a line...

Minister Piet Hein Donner sent a letter to parliament confirming the essence of the accusation — that several employees in his ministry's communications department had been accessing the GPD network since mid-2006.

-AP

But I wanted to translate what I consider a classic letter that the Dutch language "GeenStijl" blog sent the GPD way back in 2003 _ for the pleasure of all non-Dutch out there.

This is just in fun, so GeenStijl and GPD, please don't sue me.

Without further ado, here it is:

PLEASE CONFIRM RECEIPT AND ANSWER DIRECTLY.

Dear GPD,

Hereby, a very important disclosure: Your website, and all connected systems, are as leaky as a basket. LEAKY as LEAKY can be, LEAKY!

We make www.geenstijl.nl, a weblog. In the whole history of our existence, we have never seen such a shameless excuse for a web site as yours.

Just with a little creative surfing, all your internal hard drives are vulnerable. I don't know where to begin, there are so many holes in your system.

God knows how a professional news organization like yours could have left all its systems open, probably for years! Not a single safety update has ever been installed, and there's no password to keep out someone who bears you ill will. We're not talking about cracks that could be exploited by advanced hackers, but ENORMOUS HOLES that any halfwit can find.

The chance is real that you've been tapped for years, and we can guess without too much difficulty that your email can be monitored as well. We didn't look at it, of course, but given the amount of holes, it's not hard to imagine it happening.

Even though it would be completely legal for us to post all the necessary links (to access your systems), we won't do that. Instead, we will warn you before we publish about this shameful situation. The damage for a news organization would be so great if we just publish the sentence "GPD is Leaky," given that many of our readers will become curious about it, that your business would be in danger. We'd like to avoid that, of course. So, with this note, we make the very emphatic request that you close the holes.

We wonder who your system managers are. It might be prudent to keep these people as far away from all computers as possible and immediately seek a professional security company. These so-called system managers form an acute danger for your organization.

REMEMBER: we're not even talking about hacking here, all anybody needs to do is enter some links in a browser. In order to "hack" there would have to be some security, and there isn't any.

1 comment:

Thanks for that, Tobs. Its amazing to me that even though this is a big story, _NOBODY_ is questioning GPD security. That just goes to show how little the general public (and the journalists and the system administrators at GPD, for that matter) know about IT security.